1. Field
The present disclosure relates generally to data processing systems and more particularly to cybersecurity using data processing systems. Still more particularly, the present disclosure relates to detection of malware packaged within network traffic as transfer encodings.
2. Background
Avionics refers to electronics used by aircraft, spacecraft, and satellites for communication, navigation, and other aviation operations and systems. Aircraft may often communicate with each other and ground crews using avionics over network environments. Aircraft systems can receive updates and instructions over network environments that affect the operation of an aircraft. The network environment used by aircraft systems and avionics must be secure against undesired access and input.
Network security tools used in data processing systems generally use virus checking tools, such as signature-based filters, which are capable of identifying transfer encodings embedded in electronically formatted texts. These tools provide security against known viruses, but are unable to provide reliable security against attacks which exploit commonplace transfer encodings. Transfer encodings are binary executable programs converted into alphabetic sequences using an encoder, such as a UNIX-to-UNIX encoder or uuencoder. Messages received in network traffic often include natural language text and non-text content. The non-text content may be ASCII encoding of binary data in UNIX-to-UNIX, MIME base64, or similar transfer encodings.
Therefore, it would be advantageous to have a method and apparatus that takes into account one or more of the issues discussed above, as well as possibly other issues.